<?php
session_start();
//session_register('login_state');
//$_SESSION['login_state'] ; 
?>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<?
//=====================================================
$path = '../';
include($path."common.php");
include($path."prod_fun.php");
//=====================================================
for($i=1 ; $i<=count($txt) ; $i++){
$stxt[$i] = str_replace("'","''",$txt[$i]) ;
$stxt[$i] = str_replace("//","////",$txt[$i]) ;
}


//=====================================================
$page1 = "ord_list.php" ;
//echo $nowpage ;
//echo $page1 ;
if($_POST['action'] == ""){
	$action = $_GET['action'] ;
}else{
   $action = $_POST['action'] ;
}
$nowpage = $_GET['nowpage'] ;
//=====================================================
switch($action){
//=====================================================
case "返回清單" :
$page = $page1 . "?page=$nowpage" ;
gotopage($page) ;
break;
//=====================================================
case "新增資料" :
$page = "prod_edit.php" ;
gotopage($page) ;
break;
//=====================================================
case "查詢資料" :
$id = $_GET['oid'] ;

$page = "ord_edit.php?oid=$id&nowpage=$nowpage" ;

gotopage($page) ;
break;
//=====================================================
case "修改" :
//------------------------------------------------------------------------------------------------
$od_no = $_POST['od_no'];
$od_st = $_POST['od_st'];
$sql_up = "update kart_order set 
					order_state = '$od_st' 
					where order_id = '$od_no' limit 1 
					" ;
$result_up = mysql_query($sql_up) ;
$msg = "資料修改完成" ;
$page = "ord_edit.php?oid=$od_no" ;
msgpop($msg) ;

gotopage($page) ;
//------------------------------------------------------------------------------------------------
break;
//=====================================================
case "登入" :
//------------------------------------------------------------------------------------------------
$account = $_POST['account'] ;
$pwd = $_POST['pwd'] ;
$sql_login = "select * from kart_manage where user_account = '$account' and user_password = '$pwd' and user_valid = 'Y' " ;
$result_login = mysql_query($sql_login) ;
$row_login = mysql_fetch_object($result_login);
$_SESSION['login_state'] = $row_login->user_auth ; 
if($_SESSION['login_state'] == "S" or $_SESSION['login_state'] == "O"){
$page = "ord_list.php" ;
 
}else{
$msg = "使用者帳號或密碼錯誤。" ;	
$page = "ord_login.php" ;
msgpop($msg) ;
}
gotopage($page) ;
//------------------------------------------------------------------------------------------------
break;
//=====================================================
case "登出" :
//------------------------------------------------------------------------------------------------
session_destroy();
$page = "ord_login.php" ;
gotopage($page) ;
//------------------------------------------------------------------------------------------------
break;
//=====================================================

}

?>